mirror of https://github.com/apache/maven.git
[MNG-553] Secure Storage of Server Passwords
o Restored CLI commands to create encrypted passwords git-svn-id: https://svn.apache.org/repos/asf/maven/components/trunk@803553 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
177a887acb
commit
41145c05e4
|
@ -92,6 +92,10 @@ public class CLIManager
|
||||||
|
|
||||||
public static final String LOG_FILE = "l";
|
public static final String LOG_FILE = "l";
|
||||||
|
|
||||||
|
public static final String ENCRYPT_MASTER_PASSWORD = "emp";
|
||||||
|
|
||||||
|
public static final String ENCRYPT_PASSWORD = "ep";
|
||||||
|
|
||||||
private Options options;
|
private Options options;
|
||||||
|
|
||||||
@SuppressWarnings("static-access")
|
@SuppressWarnings("static-access")
|
||||||
|
@ -128,6 +132,8 @@ public class CLIManager
|
||||||
options.addOption( OptionBuilder.withLongOpt( "also-make-dependents" ).withDescription( "If project list is specified, also build projects that depend on projects on the list" ).create( ALSO_MAKE_DEPENDENTS ) );
|
options.addOption( OptionBuilder.withLongOpt( "also-make-dependents" ).withDescription( "If project list is specified, also build projects that depend on projects on the list" ).create( ALSO_MAKE_DEPENDENTS ) );
|
||||||
options.addOption( OptionBuilder.withLongOpt( "log-file" ).hasArg().withDescription( "Log file to where all build output will go." ).create( LOG_FILE ) );
|
options.addOption( OptionBuilder.withLongOpt( "log-file" ).hasArg().withDescription( "Log file to where all build output will go." ).create( LOG_FILE ) );
|
||||||
options.addOption( OptionBuilder.withLongOpt( "show-version" ).withDescription( "Display version information WITHOUT stopping build" ).create( SHOW_VERSION ) );
|
options.addOption( OptionBuilder.withLongOpt( "show-version" ).withDescription( "Display version information WITHOUT stopping build" ).create( SHOW_VERSION ) );
|
||||||
|
options.addOption( OptionBuilder.withLongOpt( "encrypt-master-password" ).hasArg().withDescription( "Encrypt master security password" ).create( ENCRYPT_MASTER_PASSWORD ) );
|
||||||
|
options.addOption( OptionBuilder.withLongOpt( "encrypt-password" ).hasArg().withDescription( "Encrypt server password" ).create( ENCRYPT_PASSWORD ) );
|
||||||
|
|
||||||
// Adding this back in for compatibility with the verifier that hard codes this option.
|
// Adding this back in for compatibility with the verifier that hard codes this option.
|
||||||
|
|
||||||
|
|
|
@ -30,6 +30,11 @@ import org.apache.maven.exception.ExceptionSummary;
|
||||||
import org.apache.maven.execution.MavenExecutionRequest;
|
import org.apache.maven.execution.MavenExecutionRequest;
|
||||||
import org.apache.maven.execution.MavenExecutionResult;
|
import org.apache.maven.execution.MavenExecutionResult;
|
||||||
import org.codehaus.plexus.classworlds.ClassWorld;
|
import org.codehaus.plexus.classworlds.ClassWorld;
|
||||||
|
import org.sonatype.plexus.components.cipher.DefaultPlexusCipher;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.SecUtil;
|
||||||
|
import org.sonatype.plexus.components.sec.dispatcher.model.SettingsSecurity;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author jason van zyl
|
* @author jason van zyl
|
||||||
|
@ -160,6 +165,63 @@ public class MavenCli
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
if ( commandLine.hasOption( CLIManager.ENCRYPT_MASTER_PASSWORD ) )
|
||||||
|
{
|
||||||
|
String passwd = commandLine.getOptionValue( CLIManager.ENCRYPT_MASTER_PASSWORD );
|
||||||
|
|
||||||
|
DefaultPlexusCipher cipher = new DefaultPlexusCipher();
|
||||||
|
|
||||||
|
System.out.println( cipher.encryptAndDecorate( passwd,
|
||||||
|
DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ) );
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
else if ( commandLine.hasOption( CLIManager.ENCRYPT_PASSWORD ) )
|
||||||
|
{
|
||||||
|
String passwd = commandLine.getOptionValue( CLIManager.ENCRYPT_PASSWORD );
|
||||||
|
|
||||||
|
DefaultSecDispatcher dispatcher;
|
||||||
|
dispatcher = (DefaultSecDispatcher) mavenEmbedder.getPlexusContainer().lookup( SecDispatcher.class );
|
||||||
|
String configurationFile = dispatcher.getConfigurationFile();
|
||||||
|
if ( configurationFile.startsWith( "~" ) )
|
||||||
|
{
|
||||||
|
configurationFile = System.getProperty( "user.home" ) + configurationFile.substring( 1 );
|
||||||
|
}
|
||||||
|
String file = System.getProperty( DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION, configurationFile );
|
||||||
|
mavenEmbedder.getPlexusContainer().release( dispatcher );
|
||||||
|
|
||||||
|
String master = null;
|
||||||
|
|
||||||
|
SettingsSecurity sec = SecUtil.read( file, true );
|
||||||
|
if ( sec != null )
|
||||||
|
{
|
||||||
|
master = sec.getMaster();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( master == null )
|
||||||
|
{
|
||||||
|
System.err.println( "Master password is not set in the setting security file" );
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
DefaultPlexusCipher cipher = new DefaultPlexusCipher();
|
||||||
|
String masterPasswd =
|
||||||
|
cipher.decryptDecorated( master, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION );
|
||||||
|
System.out.println( cipher.encryptAndDecorate( passwd, masterPasswd ) );
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch ( Exception e )
|
||||||
|
{
|
||||||
|
CLIReportingUtils.showError( "FATAL ERROR: " + "Error encrypting password: " + e.getMessage(), e, showErrors );
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
MavenExecutionResult result = mavenEmbedder.execute( request );
|
MavenExecutionResult result = mavenEmbedder.execute( request );
|
||||||
|
|
||||||
try
|
try
|
||||||
|
|
Loading…
Reference in New Issue